[wasm] Avoid reserving buffer if no memory declared.

This makes sure no underlying ArrayBuffer is reserved for modules that
don't declare a module. For the case where a memory is declared but the
initial size is 0, we still reserve a buffer in case of trap handlers.

R=ahaas@chromium.org
BUG=v8:9678

Change-Id: I837b8f257b63eb4111646806b899074babd7c9f7
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1784290Reviewed-by: Andreas Haas <ahaas@chromium.org>
Commit-Queue: Michael Starzinger <mstarzinger@chromium.org>
Cr-Commit-Position: refs/heads/master@{#63568}

src/wasm/module-instantiate.cc

@@ -314,7 +314,8 @@ MaybeHandle<WasmInstanceObject> InstanceBuilder::Build() {
     DCHECK_IMPLIES(native_module->use_trap_handler(),
                    is_asmjs_module(module_) || memory->is_wasm_memory() ||
                        memory->backing_store() == nullptr);
-  } else if (initial_pages > 0 || native_module->use_trap_handler()) {
+  } else if (initial_pages > 0 ||
+             (module_->has_memory && native_module->use_trap_handler())) {
     // We need to unconditionally create a guard region if using trap handlers,
     // even when the size is zero to prevent null-dereference issues
     // (e.g. https://crbug.com/769637).

src/wasm/wasm-memory.cc

@@ -566,7 +566,7 @@ MaybeHandle<JSArrayBuffer> AllocateAndSetupArrayBuffer(Isolate* isolate,
 
   WasmMemoryTracker* memory_tracker = isolate->wasm_engine()->memory_tracker();
 
-  // Set by TryAllocateBackingStore or GetEmptyBackingStore
+  // Set by TryAllocateBackingStore.
   void* allocation_base = nullptr;
   size_t allocation_length = 0;